Violated. That’s how Ed Slaughter feels after he said his Ring home surveillance video system was hacked in the early hours of Tuesday morning.
Slaughter said his mother-in-law, who sleeps in the basement of their Waterbury home, was woken by voices at 4:30 a.m.
The video he shared with NBC Connecticut shows a woman being harassed. Audibly a man’s voice can be heard using vulgarities, calling her and asking her to respond.
“He continued to try to have conversations with her, using explicit language. Calling her names that were way out of line,” said Slaughter.
Slaughter has eight cameras inside and outside his home. He said he installed them as a way of protecting his family but this incident has left him startled.
"Unfortunately, when the same username and password is reused on multiple services, it's possible for bad actors to gain access to many accounts," a spokesperson for Ring said.
“We don’t feel safe it really bothers us that it’s hard to get comfortable in our home when you know that somebody was watching you,” said Slaughter.
People in the nearby neighborhood with Ring devices have taken notice.
“It’s invasive you know you don’t want someone to be able to look and see you’re comings and going,” said Lydia LeBlanc.
LeBlanc lives with her 100-year-old father. Despite the incident she said she feel more secure with the system installed.
“Regardless of the risks with hackers I feel confident that at least I have some protection for him,” she said.
This is one of multiple hacking incidents reported recently involving Ring. A video this week show a young girl in Mississippi being harassed by a hacker pretending to be Santa Claus. Slaughter said he can relate to the family.
“I know exactly what they’re going through now,” he says. “The feeling of not being safe, the feeling of being violated.”
Cyber experts said this may be related to password protection.
“It’s not the Ring devices that’s the issue, it’s the credentials people are using associated with the Ring device.” said Tim Weber, Director, security services for ADNET Technologies in Farmington.
Weber recommended using distinct strong passwords with at least eight mixed character types. He also advises using Ring’s multi-factor authentication, where, in addition to having a username and password a cell phone is also as a registered device.
"Upon learning of the incident, we took appropriate actions to promptly block bad actors from known affected Ring accounts and effected users have been contacted," according to the Ring spokesperson.
Slaughter said he did not notify Police but instead went straight to Ring with his concerns. Ring found no evidence of intrusion or compromise of their systems or network.
A Ring spokesperson said they encourage all users to follow security practices including enabling two-factor authentication, adding shared users, using different passwords for each account, creating strong passwords and regularly updating passwords.